漏洞描述
Teampass ldap.debug.txt config was detected. This file is generated on "/files/ldap.debug.txt" for versions earlier than 3.0.0.0 when utilizing the "Test current configuration" in LDAP settings.
teampass-ldap: Teampass LDAP Debug Config - Detect
PoC代码[已公开]
id: teampass-ldap
info:
name: Teampass LDAP Debug Config - Detect
author: josecosta
severity: medium
description: |
Teampass ldap.debug.txt config was detected. This file is generated on "/files/ldap.debug.txt" for versions earlier than 3.0.0.0 when utilizing the "Test current configuration" in LDAP settings.
reference:
- https://github.com/nilsteampassnet/TeamPass/commit/ea9838481a58879cdf3def31046955efcff5a546#diff-61809be6a8fff101e3748a0c7dfad90bR16
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
cpe: cpe:2.3:a:teampass:teampass:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
fofa-query: app="TEAMPASS"
product: teampass
vendor: teampass
tags: exposure,teampass,ldap,logs,vuln
http:
- method: GET
path:
- "{{BaseURL}}/files/ldap.debug.txt"
matchers-condition: and
matchers:
- type: word
part: header
words:
- 'base_dn'
- 'search_base'
- 'bind_dn'
- 'bind_passwd'
condition: and
- type: word
part: header
words:
- 'text/plain'
- type: status
status:
- 200
# digest: 4b0a004830460221008685be24c7141a30282dbefbc52e6e66fe7d70866890251e8dec34c03fd3f91b022100f0d315a71951c53dd6908ca49845b66b4ee1e2e370c97f0fb4ccef7bc7650e9e:922c64590222798bb761d5b6d8e72950